WE CLAIM:

1. A method of controlling a security association of a network communication between a local application and a remote application, the local application utilizing a socket, said method comprising:

(a) monitoring a completion status of the communication;

(b) upon completion of the communication, closing the socket; and

(c) in response to closing of the socket, terminating a correlation of the security association with the socket.

2. A method as claimed in claim 1, wherein step (c) comprises deleting the security association.

3. A method as claimed in claim 1, wherein step (c) comprises determining whether any other socket is correlated with the security association, and when it is determined that no other socket is correlated with the security association, deleting the security association.

4. The method of claim 1, wherein the application operates through a driver, and step (c) includes notifying the driver that the security association is no longer needed, to cause the driver to terminate the correlation.

5. A method of controlling communication between a local application and a remote application on a communication network, said method comprising:

(a) creating a socket for the local application;

(b) correlating the socket with a security association;

(c) performing the communication through the socket and the communication network;

(d) upon completion of the communication closing the socket; and

(e) in response to closing of the socket, terminating the correlation of the security association with the socket.

6. The method of claim 5, wherein step (b) comprises:

(1) determining whether there is an active security association that would cover traffic for the socket;

(2) if step (1) determines that there is an active security association that would cover traffic for the socket, then correlating the socket with the active security association;

(3) if step (1) determines that there is not an active security association that would cover traffic for the socket, then:

(i) determining a security association for traffic for the socket;

(ii) giving the determined security association to a network security driver;

(iii) receiving a handle for the security association from the network security driver; and

(iv) correlating the socket with the security association of the handle.

7. A method as claimed in claim 5, wherein step (e) comprises deleting the security association.

8. A method as claimed in claim 5, wherein step (e) comprises determining whether any other socket is correlated with the security association, and when it is determined that no other socket is correlated with the security association, deleting the security association.

9. The method of claim 5, wherein the application operates through a driver, and step (e) includes notifying the driver that the security association is no longer needed, to cause the driver to terminate the correlation.
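The socket-to-security-association lifecycle recited in claims 5, 6 and 8 can be sketched as a reference-tracked table. This is an added illustration, not code from the patent; the names `SADriver` and `SocketSABinder`, the selector tuples, and the use of exact selector equality to decide whether an active security association "covers" a socket's traffic are all assumptions.

```python
from itertools import count

class SADriver:
    """Hypothetical stand-in for the network security driver of claim 6."""
    def __init__(self):
        self._next = count(1)
        self.active = {}                      # handle -> (selector, params)

    def add_sa(self, selector, params):
        handle = next(self._next)             # claim 6 (iii): driver returns a handle
        self.active[handle] = (selector, params)
        return handle

    def delete_sa(self, handle):
        del self.active[handle]

class SocketSABinder:
    """Tracks which sockets are correlated with which security association."""
    def __init__(self, driver):
        self.driver = driver
        self.by_socket = {}                   # socket id -> SA handle
        self.users = {}                       # SA handle -> set of socket ids

    def on_open(self, sock_id, selector, params="constructed-params"):
        # Claim 6 (1)/(2): reuse an active SA that covers this traffic.
        handle = next((h for h, (sel, _) in self.driver.active.items()
                       if sel == selector), None)
        if handle is None:
            # Claim 6 (3)(i)-(iii): determine an SA and give it to the driver.
            handle = self.driver.add_sa(selector, params)
        self.by_socket[sock_id] = handle      # claim 6 (2)/(3)(iv): correlate
        self.users.setdefault(handle, set()).add(sock_id)
        return handle

    def on_close(self, sock_id):
        """Returns True only when closing this socket deleted the SA."""
        handle = self.by_socket.pop(sock_id, None)   # step (e): end correlation
        if handle is None:
            return False                      # unknown or already-closed socket
        remaining = self.users[handle]
        remaining.discard(sock_id)
        if remaining:                         # claim 8: another socket still uses it
            return False
        del self.users[handle]
        self.driver.delete_sa(handle)         # no other socket: delete the SA
        return True

if __name__ == "__main__":
    drv = SADriver()
    binder = SocketSABinder(drv)
    binder.on_open(10, ("192.0.2.7", "tcp"))  # constructed sample selectors
    binder.on_open(11, ("192.0.2.7", "tcp"))
    print(binder.on_close(10), binder.on_close(11), drv.active)
```

Tying deletion to the last correlated socket keeps an unused security association from remaining active after the traffic it protected has ended, while a repeated close of the same socket cannot delete an association that another socket still relies on.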

10. A security system for connecting a client application to a communication network, wherein said security system comprises:

a transmission control protocol for controlling communication between the client application and the communication network;

a security classifier for coupling said transmission control protocol to the network, said security classifier determining a security classification for the client application;

a security association negotiator responsive to the client application opening a socket at a node of the communication network, for correlating the socket with a security association based on the determined security classification; and

a network interceptor coupling the client application with the transmission control protocol, and responsive to the socket being closed for terminating the correlation of the socket with the security association.

11. A security system as claimed in claim 10, wherein the network interceptor responds to the socket being closed by deleting the security association.

12. A security system as claimed in claim 10, wherein the network interceptor responds to the socket being closed by determining whether any other socket is correlated with the security association, and when it is determined that no other socket is correlated with the security association, deleting the security association.

13. A communication system, comprising:

a communication network, including a plurality of nodes;

a server connected to a first one of said nodes;

a client processor;

a storage medium within said client processor and storing a security system for connecting said client processor to said communication network for communication with said server, wherein said security system includes a transmission control protocol for controlling communication between said client processor and said communication network; a security classifier for coupling said transmission control protocol to said communication network, said security classifier determining a security classification for said client processor; a security association negotiator responsive to said client processor opening a socket at a node of said communication network, for correlating the socket with a security association based on the determined security classification; and a network interceptor coupling said client processor with said transmission control protocol, and responsive to the socket being closed for deleting the security association.

14. A communication system as claimed in claim 13, wherein the network interceptor responds to the socket being closed by deleting the security association.

15. A communication system as claimed in claim 13, wherein the network interceptor responds to the socket being closed by determining whether any other socket is correlated with the security association, and when it is determined that no other socket is correlated with the security association, deleting the security association.

16. An article, comprising a storage medium having instructions stored thereon, the instructions when executed controlling a security association of a network communication between a local application and a remote application, the local application having a socket, by monitoring a completion status of the communication; upon completion of the communication, closing the socket; and in response to closing of the socket, terminating a correlation of the security association with the socket.

17. An article as claimed in claim 16, wherein the correlation of the security association with the socket is terminated by deleting the security association.

18. An article as claimed in claim 16, wherein the correlation of the security association with the socket is terminated by determining whether any other socket is correlated with the security association, and when it is determined that no other socket is correlated with the security association, deleting the security association.

19. An article as claimed in claim 16, wherein the application operates through a driver, and the correlation of the security association with the socket is terminated by notifying the driver that the security association is no longer needed, to cause the driver to terminate the correlation.